Technology Focus: How Soon Before Cyberattack Hits Here?

Code-named “Olympic Games”, the attacks were spearheaded by the US government under the Bush administration. Stuxnet targeted Siemens industrial equipment to spin hundreds of centrifuges beyond their breaking points and eventually disable Iran's nuclear efforts.
Reuters

It’s not just networks that could be attacked, Panetta said, but the whole interlocking grid of power companies, transportation, finance and government systems.

“An aggressor nation or extremist group could use these kinds of cyber tools to gain control of critical switches,” Panetta said. “They could derail passenger trains, or even more dangerous, derail passenger trains loaded with lethal chemicals. They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.”

In August, a cyberattack battered the internal systems of Saudi Aramco, the No. 1 oil company in Saudi Arabia, the world's top oil producer. Intelligence specialists in the Pentagon believe Aramco was infected by the Shamoon virus inserted by Iranian cyberhackers.

The good news is that the Pentagon and spy agencies are on the job. They tried to get the U.S. Congress to pass a law to make it easier to deal with the the problem, but it was blocked by Republicans who believed it would place undue burdens on companies.

Of course, Washington isn’t above using cybertactics, too. Unofficially, the “Olympic Games” program has created various computer viruses as well as the so-called Stuxnet “worm” that paralyzed Iran’s nuclear laboratories for a while.

But consider two major moves by big companies last week that could make cyberattacks even easier.

First, International Business Machines Corp. (NYSE: IBM), the No. 2 computer maker, and AT&T Inc. (NYSE: T), the No. 1 telecommunications carrier, announced a new joint venture. Starting next quarter, companies using AT&T networks will be able to connect with cloud services from IBM.

The new deal “broadens the reach” of customers of both companies, said Dennis Quan, IBM VP for Smart Cloud Infrastructure.

The irony is that both technology giants have been subject to antitrust charges in the past. In 1983, the “old” AT&T, then the No. 1 global corporation, was required to split up, although much of it, minus manufacturing, has now been reassembled.

Such a global link-up would be a tempting target for cyberattackers, especially given the roster of blue-chip customers. Even smaller cloud service providers, such as Amazon.com Inc. (Nasdaq: AMZN), the No. 1 e-retailer, are serving agencies like NASA and the National Institutes of Health.

Separately, Japan’s Softbank Corp. (Tokyo: 9984) began a bid to acquire 70 percent of ailing Sprint-Nextel Corp. (NYSE: S), the No. 3 U.S. telecommunications company, for as much as $23 billion. The goal would be to merge Sprint’s U.S. landline, mobile and data networks with Softbank’s in Japan. As well, Softbank, a major content powerhouse in its own right, would have access to more platforms, especially for mobile advertising.

Softbank was the pioneer corporate investor in Yahoo (Nasdaq: YHOO), the No. 3 search engine. Yahoo itself still retains a stake in Yahoo Japan. The two companies are big investors in China’s Alibaba Group, another huge Internet company.

So an enlarged Softbank or Sprint would also be another big target, also with plenty of enterprise accounts that could be compromised.

And the reports about Sprint came just after Deutsche Telekom (Pink: DTEGY) announced a complex deal to acquire MetroPCS Communications Corp. (NYSE: PCS), the No. 5 mobile carrier. Then it would inject its subsidiary, T-Mobile USA, into it, and operate the No. 4 U.S. mobile system.

Is there any doubt Deutsche Telekom isn’t already serving the European corporate market, so that forging a bigger U.S. link only opens it more to attack?

To be sure, the companies, like IBM and AT&T, say they deploy security software network-wide and are now taking better steps to deal with the era of the smartphone and tablet, which started with the BlackBerry from Research in Motion (Nasdaq: RIMM) but now deals with many other products.

"Chances are anything going over the IBM network are extremely secure," said security expert C. Warren Axelrod, who served on federal commissions preparing the U.S. for the Y2K transition back in 1999. "Just because networks are coming together doesn't means there's extra risk."

As they forge ever-closer ties, enlarged global networks can become more vulnerable than ever. Is there any doubt that a term first used by Homer – “Trojan Horse” – is just as appropriate now as it was in the story of the siege of Troy?